Google's Chrome browser (and Chromium) stores the saved passwords in a encrypted sqlite database where it is pretty safe. However, if the user is logged into Chrome, it is merely a matter of a few mouse clicks to reveal the passwords.

Because of that I would like to make a script that will automatically log me out of Chrome based on certain criteria, such as when my Linux PC is connected to a foreign network (which would be the case if it were stolen).

The script itself is not my main problem. What I don't know, however, is how to force Chrome to log me out using the command line.

2 Answers
2

You should consider other more general security measures to protect the data of a running or suspended system:

(automatically) lock your sessions when away from keyboard,

encrypt your home directory or partition,

encrypt the suspend image (dm-crypt, uswsusp, or tuxonice will do the job),

encrypt the swap partition (dm-crypt), and

use one or multiple strong pass phrases or even a smartcard in all of the above instances.

At this point it doesn't matter much, if the browser still has the master key in memory.

Rationale

If someone steals your notebook, he would have to guess your key, break the encryption, or analyse the memory content in case of a live system. The latter two are considered very difficult to achieve, whereas the difficulty of the first depends on the complexity of your key.

use an external password program that can be set up with requiring a passcode generated by an app on your smartphone, or that can send a text with a one time password to access their database. My personal preference is LastPass.

pkill can be used to kill off processes - if you set up chrome to not remember your login details when starting a new session, this would be sufficient (settings > content settings > manage exceptions > add pattern: google.com > dropdown: clear on exit)